January 13, 2010 - ABA Recommends Using Dedicated PC for Online Banking Date: January 1 & 4, 2010 Synopsis: The American Bankers' Association (ABA) issued guidance to small and mid-sized businesses regarding how to protect themselves from the growing problem of unauthorized Automated Clearing House (continue reading...) Read more
January 11, 2010 - Welcome to the Tenable Network Security Podcast - Episode 18 Announcements A new blog post has been released titled "Airport Security: Don't Make The Same Mistakes" and compares the current challenges of airport security to the very same challenges we (continue reading...) Read more
January 7, 2010 - Airport "Security" Those of us who travel through any U.S. airport are used to the inconvenience of airport security - the long lines, metal detectors, having to take off your shoes, belts, earrings, and of course the ominous "liquids and (continue reading...) Read more
January 5, 2010 - Previously, we’ve blogged about the various advantages and disadvantages of using reputation based analysis of NetFlow, firewall and network sessions for event analysis. The basic concept is to use an external source of “badguy” IP addresses from commercial providers or (continue reading...) Read more
December 28, 2009 - I recently attended the San Francisco IANS Security Forum, where Hart Rossman and I facilitated several of the roundtable sessions. I thought I'd summarize a few of the "take-aways" and useful comments from each. Cloud Computing and Outsourcing was a (continue reading...) Read more
December 24, 2009 - Plugins, Glorious Plugins In 2009, Tenable released over 8,100 new plugins (and the year isn’t over yet!). These plugins have covered several different types of vulnerabilities, including web applications, embedded systems, local checks for operating systems and much more. We (continue reading...) Read more
December 23, 2009 - The story: US and Russia Discussing Cyber Warfare and Cyber Security Officials from the US and Russia are meeting to discuss improving Internet security and establishing cyber warfare policy. The Russians would like to see a cyber warfare disarmament treaty between (continue reading...) Read more
December 21, 2009 - Welcome to the Tenable Network Security Podcast - Episode 17 Announcements A new blog post has been released from Marcus Ranum titled, "Afterbites with Marcus Ranum: Gartner & Two-Factor Authentication" You can provide feedback to this podcast and all of our (continue reading...) Read more
December 21, 2009 - The latest episode of the Risky Business podcast is now online. Patrick Gray and I spoke about the recent SANS Incident Detection Summit and how forensics, security monitoring and the detection of advanced persistent threats is gaining more awareness (continue reading...) Read more
December 17, 2009 - Afterbites is a blog segment in which Marcus Ranum provides more in-depth coverage and analysis of the SANS NewsBites newsletter. This week Marcus will be commenting on the following article: Gartner Report Says Two-Factor Authentication Isn't Enough (December 14, (continue reading...) Read more
December 14, 2009 - Welcome to the Tenable Network Security Podcast - Episode 16 Announcements A new blog post has been released that covers the December Microsoft Patch Tuesday roundup. In it we analyze some of the wording, details, and software vulnerabilities released (continue reading...) Read more
December 11, 2009 - Another Tuesday, another round of security bulletins from Microsoft. Are you patched? Nessus contains credentialed local checks for all Microsoft security bulletins. "Specially Crafted" I have always wondered what the term "specially crafted" really means. What is "special"? Merriam-Webster defines it (continue reading...) Read more
December 7, 2009 - Welcome to the Tenable Network Security Podcast - Episode 15 Announcements Nessus 4.2 is released! - The release is going really well, and feedback has been positive. Renaud will join us for this episode to fill us in on some (continue reading...) Read more
December 1, 2009 - Severity Is Multi-Dimensional Vulnerability scanning tools, such as Nessus, can produce reports and assign discovered vulnerabilities a severity rating. The problem I always had with these reports was in evaluating these ratings. Like many other administrators, I found that (continue reading...) Read more
November 30, 2009 - Welcome to the Tenable Network Security Podcast - Episode 14 Announcements Correction: Nessus 4.2 supports Suse 10 Enterprise. Nessus 4.2 is released! - Brand new web interface, performance and reporting improvements, and wider platform support. Listen in for the exclusive details! A (continue reading...) Read more
November 30, 2009 - Another Milestone, Nessus 4.2 Long-time users of Nessus have probably noticed that significant improvements have been made over the past several years. For example, Nessus version 3 introduced many performance enhancements due to an overhaul of the NASL interpreter. Nessus (continue reading...) Read more
November 23, 2009 - The new version of Nessus 4.2 is under active development and getting closer to release as each day passes. The new version introduce some changes and several enhancements and improvements. Over the next few weeks we will (continue reading...) Read more
November 23, 2009 - Welcome to the Tenable Network Security Podcast - Episode 13 Announcements A new video has been released that covers how to use Nessus 4.2, the latest version of Tenable's Nessus vulnerability scanner. Tenable Network Security's CEO, Ron Gula, is featured in (continue reading...) Read more
November 18, 2009 - Recently, the State Department Deputy CIO and CISO John Streufert participated in a podcast where he talked about moving past the Federal Information Security Management Act (FISMA) to a metrics based security program. Performing routine vulnerability scans (continue reading...) Read more
November 17, 2009 - Tenable's CSO Marcus Ranum was quoted in an article from SC Magazine titled "Industry pioneers". In it Marcus gives us some insight into how he perceives his accomplishments: “I like to (continue reading...) Read more